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DETAILED ACTION 

Continued Examination Under 37 CFR 1.114 

1 . A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1 .17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1 .17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. 

Applicant's submission filed on 7/28/2008 has been entered. 

2. This action is responding to application papers filed 6-26-2003. Claims 1, 2, 8 - 

11,17- 20, 23, 24 are pending. Claims 1, 10, 11, 17, 19 have been amended. 
Claims 3 - 7, 12 - 16, 21, 22, 23, 25 - 32 have been cancelled. Claims 1, 10, 19 are 
independent. 



Response to Arguments 

3. Applicant's arguments filed 7/28/2008 have been fully considered but they are moot 
due to extensive amendments to claimed invention. 

3.1 The Ivloriconi and Schneider prior art combination discloses identifying which 
resources are affected by policy changes, (see Schneider col. 24, lines 7-15; col. 24, 
lines 34-54: policy definition; information set (resource) for which access policy is 
defined (identifying information for resource)) 
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The Moriconi prior art discloses processing global security policy information within a 
distributed environment utilizing server systems and processing locally and remotely 
managed security policy information for dient systems, (see Moriconi paragraph 
[0024], lines 1-14; paragraph [0025], lines 1-7) The Moriconi prior art discloses the 
capability to send out a notification, or to distribute a set of updated version(s) of the 
security policy information, (see Moriconi paragraph [0082], lines 8-13: distribute 
updated policy information) 

The Moriconi and Singhal prior art combination discloses a local storage and a 
remote storage source for security policy information, with the distributed environment 
of the Moriconi prior art disclosing the remote storage of security policy information, 
(see Moriconi paragraph [0046], lines 3-9: distributed network environment (i.e. client- 
server), remote source; see Singhal paragraph [0062], lines 7-1 1 : policy decision 
storage in local memory)) 

The terms, "first request", "second request", and 'third request", is not disclosed 
within the specification or the original claims. The term "subsequent request" is 
disclosed within the specification and the original claims. These terms indicate that 
there is no distinction between request(s). AH requests are equal. 

Specification 



4. The specification is objected to as failing to provide proper antecedent basis for the 
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claimed subject matter. See 37 CFR 1.75(d)(1) and MPEP § 608.01(g). Correction of 
the following is required: Claims 19, 20, 23, 24 are objected as "computer readable 
medium" is not defined clearly in the specification, so that the meaning of the term in 
the claims is not ascertainable by reference to the specification. 

Claim Rejections - 35 USC § 112 

5. The following is a quotation of the first paragraph of 35 U.S.C. 112: 

The specification shall contain a written description of the invention, and of the manner and process of 
making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the 
art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 
set forth the best mode contemplated by the inventor of carrying out his invention. 

6. Claims 1, 10, 19 are rejected under 35 U.S.C. 112, first paragraph, as failing to 
comply with the written description requirement. The claim(s) contains subject matter 
which was not described in the specification in such a way as to reasonably convey to 
one skilled in the relevant art that the inventor(s), at the time the application was filed, 
had possession of the claimed invention. There is no disclosure for invalidating said 
first policy decision based on said notification. The term, "invalidate", is not disclosed 
within the specification or the original claims. Appropriate correction is required. 

Claim Rejections - 35 USC § 103 

7. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
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invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

8. Claims 1, 2, 9 - 11, 18 - 20, 24 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Moriconi et al. (US PGPUB No. 200301 15322) in view of Singha! et 
al. (US PGPUB No. 20050021818) and further in view of Schneider et al. (US Patent 
No, 6,178,505). 

With Regards to Claims 1,10, 19, Moriconi discloses a method, computer-usable 
medium having computer-usable medium having computer readable program code 
embodied therein for causing a computer system to perform a method of controlling 
access to resources, said method comprising: 

a ) receiving, by a server, a first request for a resource, said first request comprising 
g..tiM.rg.9ug.gjor.ldentifyj wh erein __sajdlirst„ 

information identifies a first requestor: (see Moriconi paragraph [0068], lines 1- 
3: access request processed, subject or requestor identified; paragraph [0050], 
lines 1-5: program, computer usable medium) 

b) referring, b y said server, said first request to a remote source, wherein said 
remote source evaluates said firs t request in res ponse to said referring to 
generate afiretjBolicy decision, wherein said first policy decision is based on a 
policy definition governing access to said resource and based on said first 
requestor identify information : (see Moriconi paragraph [0068], lines 4-9: process 
or evaluate access request; paragraph [0076], lines 16-19; paragraph [0024], 
lines 1-9: policy definition processed locally or by local security policy, policy 
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definition local client security policy stored within local memory, access policy 
based on subject or requestor identification; paragraph [0017], lines 11-14: 
generate a policy decision) 

c) receiving, by said serv er, said first policy d ecision from said remote source. 
wherein said first policy decision is for said first requestor; (see Moriconi 
paragraph [0050], lines 1-5: program, computer usable medium; paragraph 
[0068], lines 1-3: access request processed, subject or requestor identified) 

e) receiving a second request for access to said resource, said second request 
comprising said first requestor identifying information; (see Moriconi paragraph 
[0050], lines 1-5: program, computer usable medium; paragraph [0068], lines 1-3: 
access request processed, subject or requestor identified) 

h) invalidating said first policy decision based on said notification; (see 112 
rejection) 

i) receiving a third request for access to said resource, said third request comprising 
said second requestor identifying information, wherein s aid second requestor 
identifying information identifies said second requestor ; (see Moriconi paragraph 
[0068], lines 1-3: access request processed, subject or requestor identified) 

j) evaluating said third request us ing said second policy decision in said local 
memory, wherein said firs t polic y decision is invalidated and said second policy 
decision is valid in local memory when said third request is evaluated : (see 
Moriconi paragraph [0076], lines 16-19: policy definition in local memory; 
paragraph [0047], lines 15-20: policy definition enforced based on local security 
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policy or locally) 

k) receiving, by said server, a fourth request for said resource after said third 

request is received, said fourth request comprising said first requestor identifying 
information, wherein said fourth requestor iden tifying information identifies said 
first requestor: identifying, by said server in response to said fourth request, said 
first policy decision as invalid: (see Moriconi paragraph [0068], lines 1-3: access 
request processed, subject or requestor identified) 

I) referring, b y said server, said fourth request to said re mote source when the first 
policy decision is identified as invalid, wherein said remote source evaluates said 
fourth request in response to said referring to generate a third policy decision : 
(see Moriconi paragraph [0017], lines 11-14: generate a policy decision) 

Singhal discloses: 

d) storing said first policy decision for said resource in local memory , wherein said 
local memor y further com^ said second 

policy decision is based on a second requestor identifying information, and 
wherein said second policy decision is for a second requestor identified by said 
second requestor identifying information ; (see Singhal paragraph [0062], lines 7- 
1 1 : local memory storage of policy decision) 

f) evaluating said second request using said first policy decision in said local 
memory; (see Singhal paragraph [0062], lines 7-1 1 : storage policy decision 
parameter in local memory) 

m) receiving, by said server, said third PolicyjjejgjsjQjifrom said remote source (see 
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Singhal paragraph [0062], lines 7-11: poiicy decision storage in local memory) 

(see Moriconi paragraph [0017], lines 11-14: generate a policy decision); 
n) evaluating said fourth request subsequent request based on said third policy 

decision notification , (see Singhal paragraph [0062], lines 7-1 1 : storage poiicy 

decision parameter in local memory) 
It would have been obvious to one of ordinary skill in the art to modify Moriconi 
to process policy decision information as taught by Singhal. One of ordinary skill in 
the art would have been motivated to employ the teachings of Singhal in order to 
enable the provisioning of better services by content providers, (see Singhal 
paragraph [0062], lines 1-6: "... provide content providers 106, third party 
application providers 108 and partner portals 110 with more information about the 
user and network capabiiiiies to enable provision of better services, inline context 
injection is done in the HTTP header by HTTP application handler 208 ... ") 

Schneider discloses: 

g) receiving a notification from said remote source of a change in said policy 
definition, said notification identifying said first policy decision ; (see Schneider 
col. 24, lines 7-15; col. 24, lines 34-54: policy definition; information set 
(resource) for which access policy is defined (identifying information for 
resource)) 

It would have been obvious to one of ordinary skill in the art to modify Moriconi 
to process poiicy decision information as taught by Schneider. One of ordinary skill 
in the art would have been motivated to employ the teachings of Schneider in order 
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to make policy based access filters scalable by providing only as much 
authentication and encryption security as is required for a given user, a given path 
through the network, and a given resource, (see Schneider col, 5, line 66 - col. 6, 
line 3: " ... The aspect of making access filters scalable which is addressed by the 
claims attached hereto is that of providing only as much authentication and 
encryption security as is required for a given user a given path through the network, 
and a given resource, ... ") 

With Regards to Claim 2, Moriconi discloses the method and computer usable medium 
of claims 1 , wherein said resource is affiliated with another resource, and wherein 
further a policy decision for said other resource is received from said remote source and 
stored in said local memory, (see Moriconi paragraph [0050], lines 1-5: program, 
computer usable medium; paragraph [0024], lines 1-9: local client security policy to a 
client, policy definition within local memory; paragraph [0056], lines 1-12: linked 
resources, policy for 2nd resource based on 1st resource) Moriconi does not 
specifically disclose the processing of a policy decision. However, Singhal discloses 
wherein a policy decision for said other resource, (see Singhal paragraph [0062], lines 
7-1 1 : local memory storage of policy decision) 

It would have been obvious to one of ordinary skill in the art to modify Moriconi 
to enable the usage of a policy decision parameter within a security management 
environment as taught by Singhal. One of ordinary skill in the art would have been 
motivated to employ the teachings of Singhal in order to enable the provisioning of 
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better services by content providers, (see Singhal paragraph [0062], lines 1-6) 

With Regards to Claims 9, 24, Moriconi discloses the method, computer usable 
medium of claims 1, 19 wherein a condition associated with said policy definition is 
also received from said remote source and stored locally, wherein said condition is 
enforced locally, (see Moriconi paragraph [0024], lines 1-9: local client security 
policy transmitted to a client, policy definition within local memory; paragraph [0047]., 
lines 17-20: policy enforced locally) 



With Regards to Claim 11, Moriconi discloses the method and computer usable 
medium of claim 10, wherein said resource is affiliated with another resource, and 
wherein further a policy decision for said other resource is received from said remote 
source and stored in said local memory, (see Moriconi paragraph [0050], lines 1-5: 
program, computer usable medium; paragraph [0024], lines 1-9: local client security 
policy to a client, policy definition within local memory; paragraph [0056], lines 1-12: 
linked resources, policy for 2nd resource based on 1st resource) Moriconi does not 
specifically disclose the processing of a policy decision. However, Singhal discloses 
wherein a policy decision for said other resource, (see Singhal paragraph [0062], lines 
7-1 1 : local memory storage of policy decision) 

It would have been obvious to one of ordinary skill in the art to modify Moriconi to 
enable the usage of a policy decision parameter within a security management 
environment as taught by Singhal. One of ordinary skill in the art would have been 
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motivated to employ the teachings of Singhal in order to enable the provisioning of 
better services by content providers, (see Singhal paragraph [0062], lines 1-6) 

With Regards to Claim 18, Moriconi discloses the method of claim 10 further 
comprising: receiving from said remote source a condition associated with said policy 
definition, wherein said condition is enforced locally, (see Moriconi paragraph [0047], 
lines 15-20: policy definition enforced based on local security policy or locally) 

With Regards to Claim 20, Moriconi discloses the method and computer usable 
medium of claim 19 wherein said resource is affiliated with another resource, and 
wherein further a policy decision for said other resource is received from said remote 
source and stored in said local memory, (see Moriconi paragraph [0050], lines 1-5: 
program, computer usable medium; paragraph [0024], lines 1-9: local client security 
policy to a client, policy definition within local memory; paragraph [0056], lines 1-12: 
linked resources, policy for 2nd resource based on 1st resource) Moriconi does not 
specifically disclose the processing of a policy decision. However, Singhal discloses 
wherein a policy decision for said other resource, (see Singhal paragraph [0062], lines 
7-1 1 : local memory storage of policy decision) 

It would have been obvious to one of ordinary skill in the art to modify Moriconi to 
enable the usage of a policy decision parameter within a security management 
environment as taught by Singhal. One of ordinary skill in the art would have been 
motivated to employ the teachings of Singhal in order to enable the provisioning of 
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better services by content providers, (see Singhal paragraph [0062], lines 1-6) 

6. Claims 8, 17, 23 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Moriconi-Singhal-Schneider and further in view of See et aL (US PGPUB No. 
20030021283). 

With Regards to Claim 8, Moriconi discloses the method of claim 1 wherein said policy 
definition is valid is also received from said remote source and stored locally, (see 
Moriconi paragraph [0081], lines 1-5: policy definition is valid; paragraph [0047], lines 
15-20; paragraph [0076], lines 16-19: policy received, received and stored locally) 
Moriconi not specifically disclose processing security information utilizing a policy 
decision parameter. However, Singhal discloses wherein said policy decision, (see 
Singhal paragraph [0062], lines 7-11: local memory storage of policy decision) 

It would have been obvious to one of ordinary skill in the art to modify Moriconi to 
enable the usage of a policy decision parameter within a security management 
environment as taught by Singhal. One of ordinary skill in the art would have been 
motivated to employ the teachings of Singhal in order to enable the provisioning of 
better services by content providers, (see Singhal paragraph [0062], lines 1-6) 

Moriconi-Singhal does not specifically disclose an expiration time for policy 
decision. However, See discloses wherein a period of time said policy information is 
valid, (see See paragraph [0009], lines 1-10: security policy information processing; 
paragraph [0042], lines 13-20: policy information with time based expiration condition or 
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period of time policy information valid) 

It would have been obvious to one of ordinary skill in the art to modify Moriconi- 
Singhal to enable the usage of a period of time policy information is valid as taught by 
See. One of ordinary skill in the art would have been motivated to employ the 
teachings of See in order for a network management platform that allows the making 
and enforcement of network management decisions over multiple network devices in an 
efficient and consistent manner, (see See paragraph [0008], lines 1-6: " ...Accordingly, 
what is desired is a network management platform that allows the making and 
enforcement of network management decisions over multiple network devices in an 
efficient and consistent manner. What is further desired is a network management 
platform that is scalable as the size of the network devices increases. ...") 

With Regards to Claim 17, Moriconi discloses the method of claim 10 further 
comprising: receiving information that identifies said policy definition is valid, (see 
Moriconi paragraph [0081], lines 1-5: determine policy definition valid) Singhal does 
not specifically disclose processing security information utilizing a policy decision 
parameter. However, Singhal discloses wherein said policy decision, (see Singhal 
paragraph [0062], lines 7-1 1 : local memory storage of policy decision) 

It would have been obvious to one of ordinary skill in the art to modify Moriconi to 
enable the usage of a policy decision parameter within a security management 
environment as taught by Singhal. One of ordinary skill in the art would have been 
motivated to employ the teachings of Singhal in order to enable the provisioning of 
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better services by content providers, (see Singhal paragraph [0062], lines 1-6) 
Moriconi-Singhal does not specifically disclose an expiration time for policy 
decision. However, See discloses wherein a period of time said policy information is 
valid, (see See paragraph [0009], lines 1-10: security policy information processing; 
paragraph [0042], lines 13-20: policy information with time based expiration condition or 
period of time policy information valid) 

It would have been obvious to one of ordinary skill in the art to modify Moriconi- 
Singhal to enable the usage of a period of time policy information is valid as taught by 
See. One of ordinary skill in the art would have been motivated to employ the 
teachings of See in order for a network management platform that allows the making 
and enforcement of network management decisions over multiple network devices in an 
efficient and consistent manner, (see See paragraph [0008], lines 1-6) 

With Regards to Claim 23, Moriconi discloses the computer-usable medium of claim 
19 wherein a policy definition is valid, is also received from said remote source, and 
stored locally, (see Moriconi paragraph [0024], lines 1-6: policy definition, stored locally 
within local client security policy transmitted to a client) Singhal does not specifically 
disclose processing security information utilizing a policy decision parameter. 
However, Singhal discloses wherein said policy decision, (see Singhal paragraph 
[0062], lines 7-1 1 : local memory or storage of policy decision) 

It would have been obvious to one of ordinary skill in the art to modify Moriconi to 
enable the usage of a policy decision parameter within a security management 
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environment as taught by Singhal. One of ordinary skill in the art would have been 
motivated to employ the teachings of Singhal in order to enable the provisioning of 
better services by content providers, (see Singhal paragraph [0062], lines 1-6) 

Moriconi-Singhal does not specifically disclose an expiration time for policy 
decision. However, See discloses wherein a period of time said policy decision is valid, 
(see See paragraph [0009], lines 1-10: security pohcy information processing: 
paragraph [0042], lines 13-20: policy information with time based expiration condition or 
period of time policy information valid) 

It would have been obvious to one of ordinary skill in the art to modify Moriconi- 
Singhal to enable the usage of a period of time policy information is valid as taught by 
See. One of ordinary skill in the art would have been motivated to employ the 
teachings of See in order for a network management platform that allows the making 
and enforcement of network management decisions over multiple network devices in an 
efficient and consistent manner, (see See paragraph [0008], lines 1-6) 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Carlton V. Johnson whose telephone number is 571- 
270-1032. The examiner can normally be reached on Monday thru Friday , 8:00 - 
5:00PM EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nasser Moazzami can be reached on 571-272-4195. The fax phone 
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number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Nasser G Moazzami/ Carlton V. Johnson 

Supervisory Patent Examiner, Art Unit 2436 Examiner 

Art Unit 2436 
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October 1 , 2008 



